1
22
23 package com.liferay.portal.service.impl;
24
25 import com.liferay.portal.NoSuchResourcePermissionException;
26 import com.liferay.portal.PortalException;
27 import com.liferay.portal.SystemException;
28 import com.liferay.portal.model.ResourceAction;
29 import com.liferay.portal.model.ResourceConstants;
30 import com.liferay.portal.model.ResourcePermission;
31 import com.liferay.portal.model.ResourcePermissionConstants;
32 import com.liferay.portal.model.Role;
33 import com.liferay.portal.model.RoleConstants;
34 import com.liferay.portal.security.permission.PermissionCacheUtil;
35 import com.liferay.portal.security.permission.ResourceActionsUtil;
36 import com.liferay.portal.service.base.ResourcePermissionLocalServiceBaseImpl;
37 import com.liferay.portal.util.PortalUtil;
38
39 import java.util.ArrayList;
40 import java.util.Collections;
41 import java.util.List;
42
43
49 public class ResourcePermissionLocalServiceImpl
50 extends ResourcePermissionLocalServiceBaseImpl {
51
52 public void addResourcePermission(
53 long companyId, String name, int scope, String primKey, long roleId,
54 String actionId)
55 throws PortalException, SystemException {
56
57 if (scope == ResourceConstants.SCOPE_COMPANY) {
58
59
61 removeResourcePermissions(
62 companyId, name, ResourceConstants.SCOPE_GROUP, roleId,
63 actionId);
64 }
65 else if (scope == ResourceConstants.SCOPE_GROUP) {
66
67
69 removeResourcePermissions(
70 companyId, name, ResourceConstants.SCOPE_COMPANY, roleId,
71 actionId);
72 }
73 else if (scope == ResourceConstants.SCOPE_INDIVIDUAL) {
74 throw new NoSuchResourcePermissionException();
75 }
76
77 updateResourcePermission(
78 companyId, name, scope, primKey, roleId, new String[] {actionId},
79 ResourcePermissionConstants.OPERATOR_ADD);
80
81 PermissionCacheUtil.clearCache();
82 }
83
84 public List<String> getAvailableResourcePermissionActionIds(
85 long companyId, String name, int scope, String primKey, long roleId,
86 List<String> actionIds)
87 throws PortalException, SystemException {
88
89 ResourcePermission resourcePermission =
90 resourcePermissionPersistence.fetchByC_N_S_P_R(
91 companyId, name, scope, primKey, roleId);
92
93 if (resourcePermission == null) {
94 return Collections.EMPTY_LIST;
95 }
96
97 List<String> availableActionIds = new ArrayList<String>(
98 actionIds.size());
99
100 for (String actionId : actionIds) {
101 ResourceAction resourceAction =
102 resourceActionLocalService.getResourceAction(name, actionId);
103
104 if (hasActionId(resourcePermission, resourceAction)) {
105 availableActionIds.add(actionId);
106 }
107 }
108
109 return availableActionIds;
110 }
111
112 public int getResourcePermissionsCount(
113 long companyId, String name, int scope, String primKey)
114 throws SystemException {
115
116 return resourcePermissionPersistence.countByC_N_S_P(
117 companyId, name, scope, primKey);
118 }
119
120 public List<ResourcePermission> getRoleResourcePermissions(long roleId)
121 throws SystemException {
122
123 return resourcePermissionPersistence.findByRoleId(roleId);
124 }
125
126 public boolean hasActionId(
127 ResourcePermission resourcePermission, ResourceAction resourceAction) {
128
129 long actionIds = resourcePermission.getActionIds();
130 long bitwiseValue = resourceAction.getBitwiseValue();
131
132 if ((actionIds & bitwiseValue) == bitwiseValue) {
133 return true;
134 }
135 else {
136 return false;
137 }
138 }
139
140 public boolean hasResourcePermission(
141 long companyId, String name, int scope, String primKey, long roleId,
142 String actionId)
143 throws PortalException, SystemException {
144
145 ResourcePermission resourcePermission =
146 resourcePermissionPersistence.fetchByC_N_S_P_R(
147 companyId, name, scope, primKey, roleId);
148
149 if (resourcePermission == null) {
150 return false;
151 }
152
153 ResourceAction resourceAction =
154 resourceActionLocalService.getResourceAction(name, actionId);
155
156 if (hasActionId(resourcePermission, resourceAction)) {
157 return true;
158 }
159 else {
160 return false;
161 }
162 }
163
164 public boolean hasScopeResourcePermission(
165 long companyId, String name, int scope, long roleId,
166 String actionId)
167 throws PortalException, SystemException {
168
169 List<ResourcePermission> resourcePermissions =
170 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
171
172 for (ResourcePermission resourcePermission : resourcePermissions) {
173 if (hasResourcePermission(
174 companyId, name, scope, resourcePermission.getPrimKey(),
175 roleId, actionId)) {
176
177 return true;
178 }
179 }
180
181 return false;
182 }
183
184 public void mergePermissions(long fromRoleId, long toRoleId)
185 throws PortalException, SystemException {
186
187 Role fromRole = rolePersistence.findByPrimaryKey(fromRoleId);
188 Role toRole = rolePersistence.findByPrimaryKey(toRoleId);
189
190 if (fromRole.getType() != toRole.getType()) {
191 throw new PortalException("Role types are mismatched");
192 }
193 else if (PortalUtil.isSystemRole(toRole.getName())) {
194 throw new PortalException("Cannot move permissions to system role");
195 }
196 else if (PortalUtil.isSystemRole(fromRole.getName())) {
197 throw new PortalException(
198 "Cannot move permissions from system role");
199 }
200
201 List<ResourcePermission> resourcePermissions =
202 getRoleResourcePermissions(fromRoleId);
203
204 for (ResourcePermission resourcePermission : resourcePermissions) {
205 resourcePermission.setRoleId(toRoleId);
206
207 resourcePermissionPersistence.update(resourcePermission, false);
208 }
209
210 roleLocalService.deleteRole(fromRoleId);
211
212 PermissionCacheUtil.clearCache();
213 }
214
215 public void reassignPermissions(long resourcePermissionId, long toRoleId)
216 throws PortalException, SystemException {
217
218 ResourcePermission resourcePermission = getResourcePermission(
219 resourcePermissionId);
220
221 long companyId = resourcePermission.getCompanyId();
222 String name = resourcePermission.getName();
223 int scope = resourcePermission.getScope();
224 String primKey = resourcePermission.getPrimKey();
225 long fromRoleId = resourcePermission.getRoleId();
226
227 Role toRole = roleLocalService.getRole(toRoleId);
228
229 List<String> actionIds = null;
230
231 if (toRole.getType() == RoleConstants.TYPE_REGULAR) {
232 actionIds = ResourceActionsUtil.getModelResourceActions(name);
233 }
234 else {
235 actionIds =
236 ResourceActionsUtil.getModelResourceCommunityDefaultActions(
237 name);
238 }
239
240 setResourcePermissions(
241 companyId, name, scope, primKey, toRoleId,
242 actionIds.toArray(new String[actionIds.size()]));
243
244 resourcePermissionPersistence.remove(resourcePermissionId);
245
246 List<ResourcePermission> resourcePermissions =
247 getRoleResourcePermissions(fromRoleId);
248
249 if (resourcePermissions.isEmpty()) {
250 roleLocalService.deleteRole(fromRoleId);
251 }
252 }
253
254 public void removeResourcePermission(
255 long companyId, String name, int scope, String primKey, long roleId,
256 String actionId)
257 throws PortalException, SystemException {
258
259 updateResourcePermission(
260 companyId, name, scope, primKey, roleId, new String[] {actionId},
261 ResourcePermissionConstants.OPERATOR_REMOVE);
262
263 PermissionCacheUtil.clearCache();
264 }
265
266 public void removeResourcePermissions(
267 long companyId, String name, int scope, long roleId,
268 String actionId)
269 throws PortalException, SystemException {
270
271 List<ResourcePermission> resourcePermissions =
272 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
273
274 for (ResourcePermission resourcePermission : resourcePermissions) {
275 updateResourcePermission(
276 companyId, name, scope, resourcePermission.getPrimKey(), roleId,
277 new String[] {actionId},
278 ResourcePermissionConstants.OPERATOR_REMOVE);
279 }
280
281 PermissionCacheUtil.clearCache();
282 }
283
284 public void setResourcePermissions(
285 long companyId, String name, int scope, String primKey, long roleId,
286 String[] actionIds)
287 throws PortalException, SystemException {
288
289 updateResourcePermission(
290 companyId, name, scope, primKey, roleId, actionIds,
291 ResourcePermissionConstants.OPERATOR_SET);
292 }
293
294 protected void updateResourcePermission(
295 long companyId, String name, int scope, String primKey, long roleId,
296 String[] actionIds, int operator)
297 throws PortalException, SystemException {
298
299 ResourcePermission resourcePermission =
300 resourcePermissionPersistence.fetchByC_N_S_P_R(
301 companyId, name, scope, primKey, roleId);
302
303 if (resourcePermission == null) {
304 if (operator == ResourcePermissionConstants.OPERATOR_REMOVE) {
305 return;
306 }
307
308 long resourcePermissionId = counterLocalService.increment(
309 ResourcePermission.class.getName());
310
311 resourcePermission = resourcePermissionPersistence.create(
312 resourcePermissionId);
313
314 resourcePermission.setCompanyId(companyId);
315 resourcePermission.setName(name);
316 resourcePermission.setScope(scope);
317 resourcePermission.setPrimKey(primKey);
318 resourcePermission.setRoleId(roleId);
319 }
320
321 long actionIdsLong = resourcePermission.getActionIds();
322
323 if (operator == ResourcePermissionConstants.OPERATOR_SET) {
324 actionIdsLong = 0;
325 }
326
327 for (String actionId : actionIds) {
328 ResourceAction resourceAction =
329 resourceActionLocalService.getResourceAction(name, actionId);
330
331 if ((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
332 (operator == ResourcePermissionConstants.OPERATOR_SET)) {
333
334 actionIdsLong |= resourceAction.getBitwiseValue();
335 }
336 else {
337 actionIdsLong =
338 actionIdsLong & (~resourceAction.getBitwiseValue());
339 }
340 }
341
342 resourcePermission.setActionIds(actionIdsLong);
343
344 resourcePermissionPersistence.update(resourcePermission, false);
345
346 PermissionCacheUtil.clearCache();
347 }
348
349 }